ISCAS OpenIR
DAA-related APIs in TPM 2.0 revisited
Xi, Li (1); Yang, Kang (1); Zhang, Zhenfeng (1); Feng, Dengguo (1)
2014
会议名称7th International Conference on Trust and Trustworthy Computing, TRUST 2014
页码1-18
会议日期June 30, 2014 - July 2, 2014
会议地点Heraklion, Crete, Greece
收录类别EI
出版地Springer Verlag
ISSN3029743
ISBN9783319085920
部门归属(1) Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100080, China
摘要In TPM 2.0, a single signature primitive is proposed to support various signature schemes including Direct Anonymous Attestation (DAA), U-Prove and Schnorr signature. This signature primitive is implemented by several APIs which can be utilized as a static Diffie-Hellman (SDH) oracle. In this paper, we measure the practical impact of the SDH oracle in TPM 2.0 and show the security strength of these signature schemes can be weakened by 13-bit. We propose a novel property of DAA called forward anonymity and show how to utilize these DAA-related APIs to break forward anonymity. Then we propose new APIs which not only remove the SDH oracle but also support the forward anonymity, thus significantly improve the security of DAA and the other signature schemes supported by TPM 2.0. We prove the security of our new APIs under the discrete logarithm assumption in the random oracle model. We prove that the proposed DAA schemes satisfied the forward anonymity property using the new APIs under the Decision Diffie-Hellman assumption. Our new APIs are almost as efficient as the original APIs in TPM 2.0 specification and can support LRSW-DAA and SDH-DAA together with U-Prove as the original APIs. © 2014 Springer International Publishing.; In TPM 2.0, a single signature primitive is proposed to support various signature schemes including Direct Anonymous Attestation (DAA), U-Prove and Schnorr signature. This signature primitive is implemented by several APIs which can be utilized as a static Diffie-Hellman (SDH) oracle. In this paper, we measure the practical impact of the SDH oracle in TPM 2.0 and show the security strength of these signature schemes can be weakened by 13-bit. We propose a novel property of DAA called forward anonymity and show how to utilize these DAA-related APIs to break forward anonymity. Then we propose new APIs which not only remove the SDH oracle but also support the forward anonymity, thus significantly improve the security of DAA and the other signature schemes supported by TPM 2.0. We prove the security of our new APIs under the discrete logarithm assumption in the random oracle model. We prove that the proposed DAA schemes satisfied the forward anonymity property using the new APIs under the Decision Diffie-Hellman assumption. Our new APIs are almost as efficient as the original APIs in TPM 2.0 specification and can support LRSW-DAA and SDH-DAA together with U-Prove as the original APIs. © 2014 Springer International Publishing.
语种英语
内容类型会议论文
URI标识http://ir.iscas.ac.cn/handle/311060/16577
专题中国科学院软件研究所
推荐引用方式
GB/T 7714
Xi, Li ,Yang, Kang ,Zhang, Zhenfeng ,et al. DAA-related APIs in TPM 2.0 revisited[C]. Springer Verlag,2014:1-18.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Xi, Li (1)]的文章
[Yang, Kang (1)]的文章
[Zhang, Zhenfeng (1)]的文章
百度学术
百度学术中相似的文章
[Xi, Li (1)]的文章
[Yang, Kang (1)]的文章
[Zhang, Zhenfeng (1)]的文章
必应学术
必应学术中相似的文章
[Xi, Li (1)]的文章
[Yang, Kang (1)]的文章
[Zhang, Zhenfeng (1)]的文章
相关权益政策
暂无数据
收藏/分享
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。